Hi Patrick
Thanks very much for your reply.
>Typically, monitoring a 10Gb link involves using a tap (or a switch with a SPAN port). Are you using copper or fiber?
I don't know which to choose. The cable length will be <5m. Which would you suggest?
>Depending on the load you expect on the 10Gb link, you might even need a filtering tap.
It seems that a tap is just a switch with a montoring port. Am I correct?
>If you have a decent tap and can filter the data you care about to less than 1Gbps,
>you can filter the 10G in the tap and feed it to your Wireshark system over a 1G link.
I had thought of just running Wireshark on the same PC as the test application. Then I wouldn't need a tap. But perhaps I should run it on a separate PC and then will need a tap.
> If you have to have a 10Gbps NIC, there are plenty to choose from, and just about all of them
> are based on one of a few Intel controllers. If you have a budget that permits, there are several
> companies that make 10Gbps boards specifically designed for packet capture, but they can be
> pricey from what I understand.
Ok
> Windows systems usually have more overhead than allowed for effective high bandwidth capture -
> I suspect you'd have better luck with the Linux base for running Wireshark on heavy loads.
Agreed - I'll use Linux.
> The biggest question you should answer before starting this quest is what kind of loads will you
> (ultimately) need to monitor?
Yes, I agree.
Best regards
David